There is No Silver Bullet for Cyber Security but Unified Defense is Best Approach

Enterprises of all sizes are falling victim to very determined malicious actors whose motivations range from financial gain to government sponsored campaigns. The threats are not limited to commercial enterprises but have significant impact on civilian and non-civilian government agencies.

The nature of what organization must address has changed dramatically over the past decade. The threat surface has expanded significantly, the nature of the threats is evolving at an unprecedented rate and the complexity of what makes up an organization has grown. Organizations have migrated from having a tightly controlled network with endpoints and devices provided by the company, to one where the very definition of an endpoint and device is changing, driven by the proliferation of the Internet of Things (IoT), organizational policies to allow employees bring their own devices on the network (BYOD) and the adoption of private and public cloud deployments. The definition of a network has changed too, it is no longer a walled garden but an amorphous structure where users can access organizational resources from anywhere, anytime, and from almost any device.

To counter these factors, organizations have started implementing solutions to address security. However, this might be a disappointment to several of you, but reflects reality. There is no silver bullet! - no single solution that can address all security issues. A “defence in depth” approach did not come about by accident but is based on the determination that while you might need a thousand solutions in your network, you need solutions that address different aspects of security.

You are not alone. Your networks have changed significantly and you have multiple solutions. That establishes a baseline. The question is what can organizations do differently to be better prepared. Here are some suggested best practices.

Introspection

This means understanding your capabilities and risks. Just understanding the impact of being breached in terms of cost, downtime and reputation of the brand will help you prioritize what actions to take.

Get visibility

Develop a clear picture of the key assets you have, where they are located, who has access to them, identify the most critical assets. In the digital age, data is king so knowing which devices have access to your data is key. Note that data is not just the domain of the large enterprise, but a reality for every size and type of organization. This assessment will lead to you the determination of what makes up your organization.

Examine your architecture

With the proliferation of IoT, adoption of BYOD, growth in use of virtualized environments, and adoption of public and private cloud infrastructures – all require that you step back and examine how you architected your core network. Focus on the outcomes you desire while you examine the architecture – is your network architected to maximize availability and ensure continuity even if it is under attack, have you secured your data paths to make sure you are protecting every known avenue that can be used to steal that data, does your protection extend to the physical and virtual elements in your network.

Do a process inventory

Technology is a key element to addressing security challenges, but technology is part of the solution. People and processes play an equally important role in maintaining a robust security posture. Developing an understanding of how sensitive information is handled, who has access to sensitive information, your internal policies on how you treat sensitive data, policy enforcement mechanisms and ongoing training of personnel handling sensitive data must be part of the overall solution.

Start by addressing the basics

Often organizations invest in the latest and greatest technology and buzz word driven solutions. Sometimes there is a perceived correlation between “high end solution” and impact. But there is a difference between perception and reality. Organizations must start with the basics.

Institute best practices

Like I said above, people and process are a critical component of addressing your security posture. Make sure you have instituted best practices around passwords, patching your systems with the latest updates and keeping up to date with your hardware and software.

Address the core of your network

Organizations that have adopted a defense in depth approach have done so for several critical applications like e-mail, web traffic and endpoints. Often, they ignore the core of their network –the basic systems that allow access to applications and services on their network. In other words, core elements like DNS, DHCP and IP address management, often referred to as DDI.

Get help

Too often organizations rely on internal expertise, but budget constraints and the availability of trained security experts constrain their ability to have the extensive coverage they need. Help comes in many forms, technology and external expertise. Augmenting the team’s skill sets with the latest development in technology that allows automation and leverages machine learning to drive better insight into threats is key. Relying on security expertise from organizations that specialize in security is often underutilized.

Unify your approach

Make sure that all the elements of your defense in depth approach work in unison. This means that when one system sees a vulnerability that information should be shared with the other parts of the infrastructure. Whether that information is an indicator of compromise or threat intelligence – the information should be shared. For example, if your DDI infrastructure identifies a new device on the network, that information should be shared with a Vulnerability Scanner so it can scan the device to ensure its integrity. While the information in isolation is useful (a new device on the network) it is becomes actionable and more impactful when it is shared with other parts of your infrastructure. Of course, this requires that the vendors you select have an open approach and have built their products with the ability to share information with other parts of your infrastructure.

Popular Posts

Just like the internet, Search Engine Optimization is constantly changing. Also, it's becoming more difficult to perform a good SEO as soon as Google is continuously improving the algorithm of ranking websites. SEO becomes more complicated so you should expect to pay more for hiring SEO specialists or agencies.
The leading Customer Success Manager of Semalt, Igor Gamanenko explains what factors force SEO services cost increase. SEO Expertise
SEO has been undergoing the crucial changes and updates over the last 10 years. In the early days of SEO, Google only was caring about the technical aspect of your website, links and keyword metadata to rate you higher. The rating guidelines were quite easy: all you had to do was using some keywords in your metadata and more links than your competitors. This was enough to give you a higher ranking in search engines.
Today, the game has completely changed. Through semantics, Google has a better understanding of
internet searches, so it can judg…

By: Sunil Mahale, India MD and VP, Nutanix Digital
transformation has been recognized as being vital to the growth of
our nation. This transformation has enjoyed the unanimous approval
and contribution from all stake holders including enterprises, MSMEs,
government bodies and citizens. But this level of adoption in a
country with a population of over a billion people would need a
robust technology base that is capable to collecting and distributing
vital data seamlessly. Digital
India envisions creating high speed digital highways, that will
impact commerce and create a digital footprint for every individual.
Technologies based on mobility, analytics, Internet of things and
most importantly, cloud
technologies are the building blocks for the digital India
mission. There
is a growing need to manage huge volumes of data, and making them
readily available to public through digital cloud services. Cloud has
a pivotal role in enabling this change. While
Data centers have become crucial to th…

PayPal announced a shortlist of five new Financial Technology (FinTech) startups –Finbox, Neoeyed, Paymatrix, Scalend and Tybo as new entrants into its PayPal Incubator in Chennai. The announcement was made after the final round of pitching during the 5th Incubation Challenge, where 10 shortlisted startups from 250 startups presented to an esteemed panel of judges including Guru Bhat, GM Technology & Head of Engineering – PayPal, Anupam Pahuja, MD – PayPal India and Rama Bethmangalkar, Venture Capitalist, formerly with Ventureast.
As a part of PayPal’s vision to transform and democratize financial services, the Incubator helps elevate and drive innovation across the FinTech industry with a focus on startups in financial technology as well as adjacencies like loyalty, machine learning, big data and logistics among others.
“In its 5th year, the PayPal Incubator has received an overwhelming response with over 250 applications from early stage FinTech startups – a 150% growth from l…